Skip to Content

AZ-500 Microsoft Azure Security Technologies Exam Questions and Answers – 4

The latest Microsoft AZ-500 Azure Security Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-500 Azure Security Technologies exam and earn Microsoft AZ-500 Azure Security Technologies certification.

AZ-500 Microsoft Azure Security Technologies Exam Questions and Answers

AZ-500 Question 281

Question

You plan to deploy an app that will modify the properties of Azure Active Directory (Azure AD) users by using Microsoft Graph. You need to ensure that the app can access Azure AD. What should you configure first?

A. a custom role-based access control (RBAC) role
B. an external identity
C. an Azure AD Application Proxy
D. an app registration

Answer

D. an app registration

Reference

AZ-500 Question 282

Question

You have an Azure subscription that uses Microsoft Sentinel.
You need to create a Microsoft Sentinel notebook that will use the Guided Investigation – Anomaly Lookup template.
What should you create first?

A. an analytics rule
B. a Log Analytics workspace
C. an Azure Machine Learning workspace
D. a hunting query

Answer

A. an analytics rule

AZ-500 Question 283

Question

You have an Azure subscription that contains four Azure SQL managed instances.
You need to evaluate the vulnerability of the managed instances to SQL injection attacks.
What should you do first?

A. Create an Azure Sentinel workspace.
B. Enable Advanced Data Security.
C. Add the SQL Health Check solution to Azure Monitor.
D. Create an Azure Advanced Threat Protection (ATP) instance.

Answer

B. Enable Advanced Data Security.

AZ-500 Question 284

Question

You have an Azure subscription named Sub1.
In Azure Security Center, you have a security playbook named Play1. Play1 is configured to send an email message to a user named User1.
You need to modify Play1 to send email messages to a distribution group named Alerts.
What should you use to modify Play1?

A. Azure DevOps
B. Azure Application Insights
C. Azure Monitor
D. Azure Logic Apps Designer

Answer

D. Azure Logic Apps Designer

Explanation

You can change an existing playbook in Security Center to add an action, or conditions. To do that you just need to click on the name of the playbook that you want to change, in the Playbooks tab, and Logic App Designer opens up.

Reference

AZ-500 Question 285

Question

You have an Azure Subscription that is linked to an Azure Active Directory (Azure AD). The tenant contains the users shown in the following table.

Name Role Member of
User1 Security administrator Group1
User2 Network Contributor Group2
User3 Key Vault Contributor Group1, Group2

You have an Azure key vault named Vault1 that has Purge protection set to Disabled. Vault1 contains the access policies shown in the following table.

Name Key permission Secret permission Certificate permission
Group1 Purge Purge Purge
Group2 Select all Select all Select all

You create role assignments for Vault1 as shown in the following table.

Name Role
User1 None
User2 Key Vault Reader
User3 User Access Administrator

For each of the following statements, Yes if the statement is true, Otherwise, select No.
NOTE: Each correct selection is worth one point.

Statements:

  • User1 can set Purge protection to Enable for Vault1.
  • User2 can configure firewalls and virtual networks for Vault1.
  • User3 can add access policies for Vault1.

Answer

  • User1 can set Purge protection to Enable for Vault1: Yes
  • User2 can configure firewalls and virtual networks for Vault1: No
  • User3 can add access policies for Vault1: No

AZ-500 Question 286

Question

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.
You need to ensure that User1 can create and manage administrative units. The solution must use the principle of least privilege.
Which role should you assign to User1?

A. Privileged role administrator
B. Helpdesk administrator
C. Global administrator
D. Security administrator

Answer

A. Privileged role administrator

AZ-500 Question 287

Question

You have the Azure virtual machines shown in the following table.

Name Operating system State
VM1 Windows Server 2008 R2 Service Pack 1 (SP1) Running
VM2 Windows Server 2012 R2 Running
VM3 Windows Server 2016 Stopped
VM4 Ubuntu Server 18.04 LTS Running

For which virtual machine can you enable Update Management?

A. VM2 and VM3 only
B. VM2, VM3, and VM4 only
C. VM1, VM2, and VM4 only
D. VM1, VM2, VM3, and VM4
E. VM1, VM2, and VM3 only

Answer

C. VM1, VM2, and VM4 only

Reference

AZ-500 Question 288

Question

Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory Azure (Azure AD) tenant named contoso.com.
The company develops a mobile application named App1. App1 uses the OAuth 2 implicit grant type to acquire Azure AD access tokens.
You need to register App1 in Azure AD.
What information should you obtain from the developer to register the application?

A. a redirect URI
B. a reply URL
C. a key
D. an application ID

Answer

A. a redirect URI

Explanation

For Native Applications you need to provide a Redirect URI, which Azure AD will use to return token responses.

Reference

AZ-500 Question 289

Question

You have an Azure Active Directory (Azure AD) tenant named Contoso.com and an Azure Service (AKS) cluster AKS1.
You discover that AKS1 cannot be accessed by using accounts from Contoso.com You need to ensure AKS1 can be accessed by using accounts from Contoso.com The solution must minimize administrative effort.
What should you do first?

A. From Azure recreate AKS1.
B. From AKS1, upgrade the version of Kubernetes.
C. From Azure AD, implement Azure AD Premium P2.
D. From Azure AD, configure the User settings.

Answer

A. From Azure recreate AKS1.

Reference

AZ-500 Question 290

Question

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Security Center for the centralized policy management of three Azure subscriptions.
You use several policy definitions to manage the security of the subscriptions.
You need to deploy the policy definitions as a group to all three subscriptions.
Solution: You create an initiative and an assignment that is scoped to the Tenant Root Group management group.
Does this meet the goal?

A. Yes
B. No

Answer

A. Yes

Reference

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.